This fellow cut the polarizing film from a $20 thrift store monitor and put film on a pair of eyeglasses to make a display that looks like a black screen to everybody but him. This is a good way to enjoy photos of Rubik's Cubes without anyone catching you.

The site was compromised with a local file inclusion exploit, which means the website's code allowed access to files on the server that aren't supposed to be public.

Nearly a million accounts have the password "123456". More than 100,000 have the password "password".

The non-plaintext passwords were easily cracked anyway, apparently due to some roll-your-own encryption that involved lowercasing everything, SHA1ing it and going back to bed. The longest passwords were "pussy.passwordLimitExceeded:07/1" and "gladiatoreetjaimelesexetjaimefum", with a Blackadder fan in #3 with "antidisestablishmentarianism" and a sybarite who reads XKCD in #4 with "pussypussymoneymoneyweedweed."

Hotmail was the most common email provider, followed by Yahoo and Gmail. These three accounted for the vast majority of registered addresses, with AOL and Live an order of magnitude down.

Leaked Source isn't making the data set publicly available; but if they have it, others might too.

China electronics maker will recall some devices sold in U.S. after massive IoT hack
http://boingboing.net/2016/10/24/xiongmai.html (Mon, 24 Oct 2016 17:02:28 +0000)

A China-based maker of surveillance cameras said Monday it will recall some products sold in the United States after a massive "Internet of Things" malware attack took down a major DNS provider with a DDoS attack. The stunningly broad attack brought much internet activity to a halt last Friday.

Security experts hired by the short-selling firm Muddy Waters said in a legal brief filed today that cardiac implants made by St. Jude Medical can be hacked. If hackers can pwn your heart device, the researchers say, they can kill you--from as far away as 100 feet.

A former Booz Allen Hamilton contractor who worked with the National Security Agency will face charges of espionage in a case involving 50 terabytes or more of highly sensitive NSA data the government says were stolen.

An image identified as a scanned copy of U.S. first lady Michelle Obama’s passport was published online today by "DC Leaks," along with personal emails associated with a man identified as a “low-level White House staffer who worked with Hillary Clinton’s presidential campaign.”

Yahoo today confirmed that it suffered a massive data breach that exposed information for at least 500 million user accounts in 2014. If you have a Yahoo account, the company says you should review all your online accounts for any suspicious activity.

Yet another U.S. Democratic Party group has been hacked, the FBI said today. This latest cyberattack against the Democratic Congressional Campaign Committee (or DCCC) could be related to an earlier hack against the Democratic National Committee, Reuters reported, citing unnamed sources on the FBI investigation.

Federal authorities have not publicly revealed who helped the FBI unlock the San Bernardino iPhone, which was at the center of an extended fight between the government and Apple. The Justice Department had maintained that only Apple could help it access the phone without erasing all of its data before abruptly saying it had gotten help from an outside party and no longer needed Apple’s assistance.

According to people familiar with the issue, the FBI cracked the phone with the help of professional hackers who were paid a one-time flat fee. Law enforcement officials have said recently that the FBI has found no links to foreign terrorists on the phone, though they are still hoping that geolocation data on the device could help reveal what the attackers did during an 18-minute period after the shooting.

The FBI's attempts to compel Apple's cooperation backfired after CEO Tim Cook publicly accused the Bureau of exploiting the case to try and gain backdoor access to iPhones in general. The phone ultimately yielded no useful information.

“But it was, in my view, worth it,” the FBI director said of what it cost to access the phone’s data.

A bizarre glitch in Super Mario World, and an incredible amount of patience, and the SNES classic is transformed into Flappy Bird.

It's incredible to watch SethBling in action. Once the glitch (triggered by giving Mario too many power-ups) is active, machine code can be arbitrarily rewritten in memory by carefully moving Mario around. This code can, ultimately, be executed. The process takes an hour of careful pixel-perfect actions in the game world, which becomes stranger and more nightmarish as Mario's universe-editing rituals proceed.

Welcome to the weirdest, most painful, most existentially-nightmarish IDE—and a reminder that our own reality is probably an abandoned simulation waiting for someone to take too many power-ups and turn it all into a sadistic casual game.

Self-proclaimed Ashley Madison hackers the Impact Team today released what looks like another 20 gigabytes of ill-gotten data. The just-dropped “other shoe” includes emails from the cheater-dating website's CEO.

The privacy of some 37 million account-holders is at stake, though the bulk of the dataset is apparently being withheld and its contents remain uncharted territory.

The social network's boss, bless his stupid nylon socks, thinks that he'll be able to take their "intellectual property" off the 'net.

Reached by KrebsOnSecurity late Sunday evening, ALM Chief Executive Noel Biderman confirmed the hack, and said the company was “working diligently and feverishly” to take down ALM’s intellectual property. Indeed, in the short span of 30 minutes between that brief interview and the publication of this story, several of the Impact Team’s Web links were no longer responding.

“We’re not denying this happened,” Biderman said. “Like us or not, this is still a criminal act.”

The Impact Team said that the ‘full delete’ feature didn’t actually wipe profiles as advertised and that it brought ALM $1.7 million in revenue last year.

The hackers said:

Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.

The Impact Team also demanded that ALM take down AshleyMadison and Established Men permanently:

Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.

One security expert said the scheme was a big step forward for online security.

"Schemes like this reward hackers for finding and disclosing problems in the right way. That makes the internet safer for all of us," said security consultant Dr Jessica Barker.

"Bug bounties are common in tech companies as they tend to understand online security a bit more, but other industries are catching up," said Dr Barker.

Accused Turkish cybercriminal extradited to U.S. to face charges of hacking ATMs worldwide
http://boingboing.net/2015/06/24/accused-turkish-cybercriminal.html (Wed, 24 Jun 2015 18:08:12 +0000)

“The U.S. government will get a rare chance to prosecute one of the world's most-wanted cybercriminal suspects with the extradition of a Turkish man accused of orchestrating a global operation to hack automated teller machines,” reports Tribune News.

LastPass says in its blog entry, “Encrypted user vaults were not compromised.” This is a critical fact because changing your master password will immediately make the stolen password information useless. If crackers had stolen vaults, they would be able to churn on them forever or return to them in the future and crack them with more advanced or powerful technology. Since people often don’t change passwords for years at a time or forever, that could have still been a risk.

LastPass also advises changing your password at any other account for which you use the identical password.

How the hell did they get 1024 colors out of a 1981 PC?
http://boingboing.net/2015/04/16/how-the-hell-did-they-get-1024.html (Thu, 16 Apr 2015 15:21:23 +0000)

The idea that such multi-color trickery was possible came to me some time ago, as I was looking at reenigne's code for patching up composite CGA emulation in DOSBox; messing with that patch during development gave me a much better picture of composite CGA's inner workings. When I had ironed out the basic concept for this hack, I divulged it to reenigne for 'peer review' and for testing on real hardware. Soon enough, we had an improved recipe:

Take two familiar (though officially undocumented) tweaks. Blend to an even mixture producing a new effect.
Add one crucial new trick – an ingredient of reenigne's devising.
Test and calibrate until blue in the face.

It's also a great look at the workings of CGA for the interested but nontechnical layman.

Released at the Revision 2015 demo party, 8088 MPH is a vision of previously undiscovered possibility (a perfect entrypoint to the 19A0s!)—there's even MOD music, including digital samples, at 6:40m, like it's just no big deal at all to do that with 1981 hardware.

Nigerian email swindlers using more sophisticated hacks
http://boingboing.net/2014/07/22/nigerian-email-swindlers-using.html (Tue, 22 Jul 2014 18:31:56 +0000)

off-the-shelf scripts are so much more powerful. [NYT]

NSA has "backdoor access" to iPhones
http://boingboing.net/2013/12/31/nsa-has-backdoor-access-to.html (Tue, 31 Dec 2013 17:02:58 +0000)

the spy agency can snoop on personal iPhone communications such as SMS messages, location and cellular data. Though any device could be compromised likewise given the physical access required, the document demonstrates that the NSA a) is actually doing it, and b) is working on (and may also have successfully developed) remote hacks. Apple says it has never worked with the NSA to create a backdoor in any of its products and is unaware of the shenanigans. [Daily Dot]

Floating UP! house posts photos to Instagram via Raspberry Pi
http://boingboing.net/2013/11/11/floating-up-house-posts-photo.html (Mon, 11 Nov 2013 16:37:06 +0000)

Valentin Squirelo and friends at HackerLoop built a miniature model of the flying house from UP! outfitted with a Raspberry Pi computer and floated it above Paris where it posted live photos to Instagram. This was particularly interesting because generally photos can only be uploaded to Instagram via the official iOS or Android app. HackerLoop worked around that limitation. HackerLoop's #Upstagram

"Politicians aren't scientists"
http://boingboing.net/2012/11/21/politicians-arent-scientis.html (Wed, 21 Nov 2012 15:14:36 +0000)

You know how some media love "he said, she said" journalism? The kind in which any issue, no matter the facts or relative degrees of extremism, is narrated in perfect equilibrium between two opposed, yet indistinguishably-intractable sides. Doesn't that stuff suck? OK! Cool.

Grab YouTube thumbnails easily
http://boingboing.net/2012/11/12/grab-youtube-thumbnails-easily.html (Mon, 12 Nov 2012 16:18:43 +0000)

a plain-jane widget to grab what's available, at-a-glance, for any given YT URL. Enjoy!

Hacks that never happened
http://boingboing.net/2012/09/11/hacks-that-never-happened.html (Wed, 12 Sep 2012 02:47:37 +0000)

A hacker claimed credit, gaining the attention of the entire tech press. But his story was soon debunked: a DNS configuration mistake was the real cause. At Threat Level, Robert McMillan recounts the greatest hacks that never were.

Apple suspends over-the-phone password resets
http://boingboing.net/2012/08/07/apple-suspects-over-the-phone.html (Wed, 08 Aug 2012 02:44:08 +0000)

the incredible social engineering hack suffered by Wired's Mat Honan over the weekend, Apple's shut down the exploit by "ordering support staff to immediately stop processing AppleID password changes requested over the phone."

How to turn old car parts into a video game controller
http://boingboing.net/2012/06/21/how-to-turn-old-car-parts-into.html (Fri, 22 Jun 2012 00:55:59 +0000)

Jason Torchinsky of Jalopnik shows how to turn old car parts into a video game controller.

The idea came to me while adjusting the mirrors in a car, and realizing that the little mirror-control joystick was better than many video game joysticks I used. I then had a waking dream of the grand possibilities of playing old videogames with control pads sourced from cars. The dream was a beautiful, fantastical vision of a world we could all achieve. I woke up hours later behind a CVS, and headed straight to a junkyard to make this dream real.

Super-sleuth readers may note that in the final project I used a seat control panel instead of a mirror controller. There's a reason for that. When I got the mirror control pads and joysticks home and tested them, I uncovered one of the auto industry's darkest secrets: the "up" and "left" directions on mirror controllers are THE SAME DAMN THING. They're wired together! Think of all the times you've thought you were adjusting your mirror up, not left, thinking you were hot shit? IT'S ALL BEEN A FILTHY LIE. So I soon learned to look elsewhere. Luckily, 70s-80s American cars provided the solution, since they're full of funny little chrome joysticks for seat controls and other various duties.

Disability insurance
http://boingboing.net/2012/03/26/disability-insurance.html (Mon, 26 Mar 2012 16:49:24 +0000)

sawed his own foot off. [Reuters]

RIM kills PlayBook root hack; hacker roots it again
http://boingboing.net/2011/12/07/rim-kills-playbook-root-hack.html (Wed, 07 Dec 2011 16:10:51 +0000)

attempts to stop people rooting their PlayBooks are failing. But it will keep trying! Because sunk costs aren't just about money, you know!

Mandatory "agreement" for Playstation Network users waives your right to class actions over future hacks
http://boingboing.net/2011/09/16/mandatory-agreement-for-playstation-network-users-waives-your-right-to-sue-over-future-hacks.html (Fri, 16 Sep 2011 14:26:40 +0000)

click through a EULA whereby you promise not to sue them in a class action if they get hacked again, even if they're negligent, and even if you get screwed over as a result. If you don't agree, no more PSN for you. (Thanks, @sickkid1972!)

Report: iTunes targeted in mystery hack
http://boingboing.net/2011/09/07/mystery-hack-targets-itunes-say-victims.html (Thu, 08 Sep 2011 01:39:07 +0000)

At Macworld, Lex Friedman looks at recent reports of hacked iTunes accounts, where hundreds of users say gift card credit was wiped out by purchases made without their permission. Apple is issuing refunds, but is otherwise mostly silent on the matter.

This is a mystery story, but it’s not a great one. A great mystery generally involves a detective who gathers the evidence, performs an investigation, and finally issues the spectacular reveal: the motive, the guilty party, and—if all goes well—the punishment. In the mystery of the Towson Hack, unfortunately, we’ve got a crime, evidence, and a motive, but no justice, and no real resolution. Consider yourself warned.
